Center
for Cyber Security Training LLC is happy to bring to you EXPLOIT
DEVELOPMENT in partnership with Corelan GCV. We're excited to announce that we have two public classes with limited availability. Bootcamp on July 22-25, 2019 (4 days) and Advanced on September 23-26, 2019 (4 days). Registration forms specify
all the details and the link can be found under each abstract.

It will be required to sign a confidentiality agreement at
the start of the course. You will not be admitted to the course without
signing this document. You can find a copy of the document here.

We do not provide
solutions for any of the exercises in this course, but we will help you to find
the solutions yourself, either during the course of after the course (via the
student-only forum).

ADVANCED EXPLOIT DEVELOPMENT

Abstract:

The “ADVANCED” exploit development class is a
fast-paced, mind-bending, hands-on course where you will learn advanced exploit
development techniques from an experienced exploit developer. During this 4 day
course, students will get the opportunity to learn how to write exploits that
bypass modern memory protections for the Win32 platform. The trainer will
share his “notes from the field” and various tips & tricks to become more
effective at writing exploits.

This is most certainly not an entry level course. In fact,
this is a one of the finest and most advanced courses you will find on Win32
exploit development.

This hardcore, practical, hands-on course will provide
students with solid understanding of current Win32 exploitation & memory
protection bypass techniques, with a strong focus on the Windows heap. We
make sure the course material is kept updated with current techniques, includes
previously undocumented tricks and techniques, and details about research we
performed ourselves. Combined with the way the course is built up, this
will turn this class into a truly unique learning experience.

During all of our courses, we don’t just focus on techniques
and mechanics, but we also want to make sure you understand why a given
technique is used, why something works and why something doesn’t work.

truly
master all basic concepts of exploit development, as listed in our
“BOOTCAMP” course. If you have taken the Bootcamp course and done a
lot of practice after taking the class, then you’re probably ready for
this class.

be
familiar with ROP (i.e. understand how it works on Windows, know how to
build a ROP chain, know how to use mona.py to generate a chain and how to
fix the chain if it doesn’t work)

be
familiar with reading/writing python/ruby/html/javascript scripts

be
familiar with using debuggers (we’ll use WinDBG for most part of the
course, but we’ll spend some time explaining the basics of using WinDBG.
It is assumed that you have practical experience with Immunity
Debugger and mona.py)

be
ready to dive into a debugger and read asm for hours and hours and hours

be
ready to think out of the box and have a strong desire to learn

be fluent with
managing Windows / Linux operating system and with using vmware
workstation/virtualbox

be
familiar with using Metasploit to generate shellcode

have
basic practical knowledge of assembly

It’s imperative for students to comply with these
prerequisites.

BootCamp Exploit Development

Abstract:

This “BOOTCAMP” is a
truly unique opportunity to learn both basic & advanced techniques from an
experienced exploit developer, at a conference. During this 4 day course, students will be able to learn all ins and outs about writing
reliable exploits for the Win32 platform. The trainer will share his “notes
from the field” and various tips & tricks to become more effective at
writing exploits.

We believe it is important to start the course by explaining the basics
of stack buffer overflows and exploit writing, but this is most certainly not
“your average” entry level course. In fact, this is a true bootcamp and one of
the finest and most advanced courses you will find on Win32 stack based exploit
development.

This hardcore hands-on course will provide students with solid
understanding of current Win32 (stack based) exploitation techniques and memory
protection bypass techniques. We make sure the course material is kept
updated with current techniques, includes previously undocumented tricks and
techniques, and details about research we performed ourselves. Combined
with the way the course is built up, this will turn this class into a truly
unique experience.

During all of our courses, we don’t just focus on techniques and
mechanics, but we also want to make sure you understand why a given technique
is used, why something works and why something doesn’t work.

We believe those are just a few arguments that makes this
training stand out between other exploit development training offerings.